- linux-6.1.69-1 (debian12)
- 6.1.99-1
- 2024-08-21 20:00:22
- 2024-08-23 10:20:34
- K20240821_08
- CVE-2024-1086, CVSSv2 Score: 7.8
- Description:
netfilter: nf_tables: reject QUEUE/DROP verdict parameters
- CVE: https://security-tracker.debian.org/tracker/CVE-2024-1086
- Patch: debian12/6.1.76-1/CVE-2024-1086-netfilter-nf_tables-reject-QUEUE-DROP-verdict-parame.patch
- From: 6.1.76-1
- CVE-2024-26642, CVSSv2 Score: 5.5
- Description:
netfilter: nf_tables: disallow anonymous set with timeout flag
- CVE: https://security-tracker.debian.org/tracker/CVE-2024-26642
- Patch: debian12/6.1.85-1/CVE-2024-26642-netfilter-nf_tables-disallow-anonymous-set-with-timeout-flag.patch
- From: linux-6.1.85-1
- CVE-2024-26643, CVSSv2 Score: 5.5
- Description:
netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout
- CVE: https://security-tracker.debian.org/tracker/CVE-2024-26643
- Patch: debian12/6.1.85-1/CVE-2024-26643-netfilter-nf_tables-mark-set-as-dead-when-unbinding-anonymous-set-with-timeout.patch
- From: linux-6.1.85-1
- CVE-2024-26809, CVSSv2 Score: 5.5
- Description:
netfilter: nft_set_pipapo: release elements in clone only from destroy path
- CVE: https://security-tracker.debian.org/tracker/CVE-2024-26809
- Patch: debian12/6.1.85-1/CVE-2024-26809-netfilter-nft_set_pipapo-release-elements-in-clone-only-from-destroy-path.patch
- From: linux-6.1.85-1
- CVE-2024-24857 CVE-2024-24858, CVSSv2 Score: 6.8
- Description:
Bluetooth: Fix TOCTOU in HCI debugfs implementation
- CVE: https://security-tracker.debian.org/tracker/CVE-2024-24857
- Patch: debian12/6.1.85-1/CVE-2024-24857-CVE-2024-24858-Bluetooth-Fix-TOCTOU-in-HCI-debugfs-implementation.patch
- From: linux-6.1.85-1
- CVE-2024-26585, CVSSv2 Score: 5.1
- Description:
tls: fix race between tx work scheduling and socket close
- CVE: https://security-tracker.debian.org/tracker/CVE-2024-26585
- Patch: debian12/6.1.85-1/CVE-2024-26585-tls-fix-race-between-tx-work-scheduling-and-socket-close.patch
- From: linux-6.1.85-1
- CVE-2023-47233, CVSSv2 Score: 4.3
- Description:
wifi: brcmfmac: Fix use-after-free bug in brcmf_cfg80211_detach
- CVE: https://security-tracker.debian.org/tracker/CVE-2023-47233
- Patch: debian12/6.1.85-1/CVE-2023-47233-wifi-brcmfmac-fix-use-after-free-bug-in.patch
- From: linux-6.1.85-1
- CVE-2024-26810, CVSSv2 Score: 4.4
- Description:
vfio/pci: Lock external INTx masking ops
- CVE: https://security-tracker.debian.org/tracker/CVE-2024-26810
- Patch: debian12/6.1.85-1/CVE-2024-26810-vfio-pci-lock-external-INTx-masking-ops.patch
- From: linux-6.1.85-1
- CVE-2024-26816, CVSSv2 Score:
- Description:
The patch fixes kernel building process.
- CVE:
- Patch: skipped/CVE-2024-26816.patch
- From:
- CVE-2024-26814, CVSSv2 Score: 4.4
- Description:
vfio/fsl-mc: Block calling interrupt handler without trigger
- CVE: https://security-tracker.debian.org/tracker/CVE-2024-26814
- Patch: debian12/6.1.85-1/CVE-2024-26814-vfio-fsl-mc-block-calling-interrupt-handler-without-trigger.patch
- From: linux-6.1.85-1
- CVE-2024-27437, CVSSv2 Score: 4.4
- Description:
vfio/pci: Disable auto-enable of exclusive INTx IRQ
- CVE: https://security-tracker.debian.org/tracker/CVE-2024-27437
- Patch: debian12/6.1.85-1/CVE-2024-27437-vfio-pci-disable-auto-enable-of-exclusive-INTx-IRQ.patch
- From: linux-6.1.85-1
- N/A, CVSSv2 Score: N/A
- Description:
kpatch add alt asm definitions
- CVE: https://www.kernel.org
- Patch: 6.1.38/kpatch-add-alt-asm-definitions.patch
- From: N/A
- CVE-2024-2201, CVSSv2 Score: 4.7
- Description:
x86/bugs: Change commas to semicolons in 'spectre_v2' sysfs file
- CVE: https://security-tracker.debian.org/tracker/CVE-2024-2201
- Patch: debian12/CVE-2024-2201-x86-bugs-Change-commas-to-semicolons-in-spectre_v2-sysfs-file.patch
- From: linux-6.1.85-1
- CVE-2024-2201, CVSSv2 Score: 4.7
- Description:
x86/bhi: Add support for clearing branch history at syscall entry
- CVE: https://security-tracker.debian.org/tracker/CVE-2024-2201
- Patch: debian12/CVE-2024-2201-x86-bhi-Add-support-for-clearing-branch-history-at-syscall-entry.patch
- From: linux-6.1.85-1
- CVE-2024-26815, CVSSv2 Score: 7.1
- Description:
net/sched: taprio: proper TCA_TAPRIO_TC_ENTRY_INDEX check
- CVE: https://security-tracker.debian.org/tracker/CVE-2024-26815
- Patch: debian12/6.1.85-1/CVE-2024-26815-net-sched-taprio-proper-TCA_TAPRIO_TC_ENTRY_INDEX-check.patch
- From: linux-6.1.85-1
- CVE-2024-26815, CVSSv2 Score: 7.1
- Description:
net/sched: taprio: proper TCA_TAPRIO_TC_ENTRY_INDEX check
- CVE: https://security-tracker.debian.org/tracker/CVE-2024-26815
- Patch: debian12/6.1.85-1/CVE-2024-26815-net-sched-taprio-proper-TCA_TAPRIO_TC_ENTRY_INDEX-check-kpatch.patch
- From: linux-6.1.85-1
- N/A, CVSSv2 Score: N/A
- Description:
n_gsm exploit mitigation
- CVE: https://github.com/YuriiCrimson/ExploitGSM/
- Patch: debian12/tty-n_gsm-require-CAP_NET_ADMIN-to-attach-N_GSM0710.patch
- From: N/A